I raise this question following a controversy in South Korea, where part of the election watchdog's web site was down during an election. The government claimed it's due to a DDoS attack but many people in Korea do not beleive that story.

Questions on Server Fault are expected to relate to server, networking, or related infrastructure administration within the scope defined by the community. Consider editing the question or leaving comments for improvement if you believe the question can be reworded to fit within the scope. Read more about reopening questions here.
If this question can be reworded to fit the rules in the help center, please edit the question.

2

I don't think this question should have been closed.
–
MascarponeDec 5 '11 at 15:29

Agreed. Seems like it's right on topic for SF. The fact that it is receiving votes should be indicative of that.
–
Belmin FernandezDec 8 '11 at 10:51

2 Answers
2

When you do a DDoS (or DoS) attack the basic idea is to take down the resource by overloading it with requests. What effect the attack will have depends on the server(s) and the configuration.

In some case you will be able to take down the entire site by attacking the web servers, or some other critical resource (like database server). But some functions may be hosted on a separate server (like a search function), or even hosted by a separate company (like google, facebook, ...). If that external resource is attacked, only that function will be down while the rest of the site works normally.

I would think that if a.exampleserver.com's search utility was sending all queries to a database on b.exampleserver.com, then a successful DDoS attack on b.examplserver.com would allow the website on a.exampleserver.com to continue to run, but with a failed search feature.